Updated on 2025-08-12 GMT+08:00

Query Security Reports

Function

This API is used to query security reports.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/report/{report_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID, which is used to specify the project that an asset belongs to. You can query the assets of a project by project ID. You can obtain the project ID from the API or console. For details, see Obtaining a Project ID.

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

report_id

Yes

String

Definition

Security report ID.

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

fw_instance_id

Yes

String

Definition

Firewall ID. It is a unique ID generated after a firewall instance is created. You can obtain the firewall ID by referring to Obtaining a Firewall ID.

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

report_profile_id

Yes

String

Definition

Security report template ID.

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

Request Parameters

None

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

data

FirewallReport object

Table 4 FirewallReport

Parameter

Type

Description

attack_info

AttackReport object

Definition

Security event details.

Range

N/A

category

String

Definition

Report type.

Range

N/A

internet_firewall

InternetReport object

Definition

Internet border firewall.

Range

N/A

send_time

Long

Definition

Sending time.

Range

N/A

statistic_period

StatisticPeriod object

Definition

Statistical scope.

Range

N/A

vpc_firewall

VpcReport object

Definition

VPC border firewall.

Range

N/A

Table 5 AttackReport

Parameter

Type

Description

dst_ip

Array of ItemVO objects

Definition

Top attack target IP addresses.

Range

N/A

ips_mode

Integer

Definition

Intrusion prevention status.

Range

N/A

level

Array of ItemVO objects

Definition

Attack severity distribution.

Range

N/A

rule

Array of ItemVO objects

Definition

Top attack rules.

Range

N/A

src_ip

Array of ItemVO objects

Definition

Top source IP addresses.

Range

N/A

trend

Array of TrendVO objects

Definition

Attack trend.

Range

N/A

type

Array of ItemVO objects

Definition

Top attack distribution.

Range

N/A

Table 6 InternetReport

Parameter

Type

Description

eip

Eip object

Definition

EIP protection status.

Range

N/A

in2out

In2Out object

Definition

Outbound traffic.

Range

N/A

out2in

Out2in object

Definition

Inbound traffic.

Range

N/A

overview

Overview object

Definition

Overview.

Range

N/A

traffic_trend

Array of TrendVO objects

Definition

Traffic trend.

Range

N/A

Table 7 Eip

Parameter

Type

Description

protected

ChangedVO object

Definition

Protection status.

Range

N/A

total

Integer

Definition

Number of EIPs.

Range

N/A

Table 8 In2Out

Parameter

Type

Description

dst_host

Array of ItemVO objects

Definition

Top accessed domain names.

Range

N/A

dst_ip

Array of ItemVO objects

Definition

Top destination IP addresses.

Range

N/A

dst_port

Array of ItemVO objects

Definition

Top accessed ports.

Range

N/A

src_ip

Array of ItemVO objects

Definition

Top access source IP addresses.

Range

N/A

Table 9 Out2in

Parameter

Type

Description

dst_ip

Array of ItemVO objects

Definition

Top destination IP addresses.

Range

N/A

dst_port

Array of ItemVO objects

Definition

Top open ports.

Range

N/A

src_ip

Array of ItemVO objects

Definition

Top access source IP addresses.

Range

N/A

Table 10 StatisticPeriod

Parameter

Type

Description

end_time

Long

Definition

End time.

Constraints

N/A

Range

Milliseconds-level timestamp.

Default Value

N/A

start_time

Long

Definition

End time.

Constraints

N/A

Range

Milliseconds-level timestamp.

Default Value

N/A

Table 11 VpcReport

Parameter

Type

Description

app

Array of ItemVO objects

Definition

Number of top applications.

Range

N/A

dst_ip

Array of ItemVO objects

Definition

Top destination IP addresses.

Range

N/A

overview

Overview object

Definition

Overview.

Range

N/A

src_ip

Array of ItemVO objects

Definition

Top access source IP addresses.

Range

N/A

traffic_trend

Array of TrendVO objects

Definition

Traffic trend.

Range

N/A

vpc

Vpc object

Definition

VPC protection statistics.

Range

N/A

Table 12 Overview

Parameter

Type

Description

access_policies

AccessPolicy object

Definition

Access control policy.

Range

N/A

assets

ChangedVO object

Definition

Number of assets.

Range

N/A

attack_event

AttackEvent object

Definition

Threat event.

Range

N/A

traffic_peak

TrendVO object

Definition

Peak traffic.

Range

N/A

Table 13 AccessPolicy

Parameter

Type

Description

changed

Integer

Definition

Number of changes.

Range

N/A

eip

Integer

Definition

EIP access control policy.

Range

N/A

nat

Integer

Definition

NAT access control policy.

Range

N/A

total

Integer

Definition

Total number.

Range

N/A

Table 14 AttackEvent

Parameter

Type

Description

changed

Integer

Definition

Number of changes.

Range

N/A

deny

Integer

Definition

Number of blocked objects.

Range

N/A

total

Integer

Definition

Total number.

Range

N/A

Table 15 TrendVO

Parameter

Type

Description

agg_time

Long

Definition

Aggregation time.

Range

N/A

bps

Double

Definition

Bandwidth.

Range

N/A

deny

Long

Definition

Number of blocked objects.

Range

N/A

in_bps

Double

Definition

Inbound bps.

Range

N/A

out_bps

Double

Definition

Outbound bps.

Range

N/A

permit

Long

Definition

Allowed quantity.

Range

N/A

Table 16 ItemVO

Parameter

Type

Description

key

String

Definition

Aggregation item.

Range

N/A

name

String

Definition

Aggregation item name.

Range

N/A

value

Long

Definition

Statistical value.

Range

N/A

Table 17 Vpc

Parameter

Type

Description

protected

ChangedVO object

Definition

Protection statistics.

Range

N/A

total

Integer

Definition

Total number.

Range

N/A

Table 18 ChangedVO

Parameter

Type

Description

changed

Integer

Definition

Number of changes.

Range

N/A

total

Integer

Definition

Number of changes.

Range

N/A

value

Integer

Definition

Quantity.

Range

N/A

Status code: 400

Table 19 Response body parameters

Parameter

Type

Description

error_code

String

Definition

Error code.

Range

N/A

error_msg

String

Definition

Error message.

Range

N/A

Example Requests

Query a security report. The project ID is eb7accd78ea845078275b2ad5280a109, firewall ID is 8a996d43-75bd-48b4-b1b8-de0706b72b8f, template ID is e8f43868-d6e7-43a7-aa7f-dda0292f4785, and report ID is b07861af-3468-4d4e-b39b-30c9ca516888.

https://{Endpoint}/v1/eb7accd78ea845078275b2ad5280a109/report/b07861af-3468-4d4e-b39b-30c9ca516888?report_profile_id=e8f43868-d6e7-43a7-aa7f-dda0292f4785&fw_instance_id=8a996d43-75bd-48b4-b1b8-de0706b72b8f

Example Responses

Status code: 200

OK

{
  "data" : {
    "attack_info" : {
      "dst_ip" : [ {
        "key" : "120.52.95.246",
        "value" : 47
      } ],
      "ips_mode" : 1,
      "level" : [ {
        "key" : "CRITICAL",
        "value" : 119
      } ],
      "rule" : [ {
        "key" : "Realtek Jungle SDK Command Injection Vulnerability (CVE-2021-35394)",
        "value" : 30
      } ],
      "src_ip" : [ {
        "key" : "120.46.56.58",
        "value" : 66
      } ],
      "trend" : [ {
        "agg_time" : 1748966700000,
        "deny" : 2,
        "permit" : 1
      } ],
      "type" : [ {
        "key" : "Vulnerability Exploit Attack",
        "value" : 30
      } ]
    },
    "category" : "custom",
    "internet_firewall" : {
      "eip" : {
        "protected" : {
          "value" : 3
        },
        "total" : 5
      },
      "in2out" : {
        "dst_host" : [ {
          "key" : "repo.huaweicloud.com",
          "value" : 58511700
        } ],
        "dst_port" : [ {
          "key" : "22",
          "value" : 12062960684
        } ],
        "src_ip" : [ {
          "key" : "172.18.0.90",
          "value" : 12062961860
        } ]
      },
      "out2in" : {
        "dst_ip" : [ {
          "key" : "120.46.56.58",
          "value" : 41828474
        } ],
        "dst_port" : [ {
          "key" : "23",
          "value" : 925712
        } ],
        "src_ip" : [ {
          "key" : "114.116.217.114",
          "value" : 4008768
        } ]
      },
      "overview" : {
        "access_policies" : {
          "eip" : 18,
          "nat" : 105,
          "total" : 123
        },
        "assets" : {
          "total" : 5
        },
        "attack_event" : {
          "deny" : 30,
          "total" : 119
        },
        "traffic_peak" : {
          "in_bps" : 2381284,
          "out_bps" : 3977
        }
      },
      "traffic_trend" : [ {
        "agg_time" : 1748966400000,
        "bps" : 0,
        "in_bps" : 3238,
        "out_bps" : 808
      } ]
    },
    "send_time" : 1749698298872,
    "statistic_period" : {
      "end_time" : 1749657599999,
      "start_time" : 1748966400000
    },
    "vpc_firewall" : {
      "app" : [ {
        "key" : "SSH",
        "value" : 33901440538
      }, {
        "key" : "PING",
        "value" : 784
      } ],
      "dst_ip" : [ {
        "key" : "172.17.0.192",
        "value" : 33900674752
      }, {
        "key" : "172.18.0.90",
        "value" : 766570
      } ],
      "overview" : {
        "access_policies" : {
          "total" : 10
        },
        "assets" : {
          "total" : 17
        },
        "attack_event" : {
          "deny" : 0,
          "total" : 0
        },
        "traffic_peak" : {
          "bps" : 711475757
        }
      },
      "src_ip" : [ {
        "key" : "172.18.0.90",
        "value" : 33900674752
      }, {
        "key" : "172.17.0.192",
        "value" : 766570
      } ],
      "traffic_trend" : [ {
        "agg_time" : 1748966400000,
        "bps" : 0,
        "in_bps" : 0,
        "out_bps" : 0
      } ],
      "vpc" : {
        "protected" : {
          "value" : 2
        },
        "total" : 17
      }
    }
  }
}

Status code: 400

Bad Request

{
  "error_code" : "CFW.00200003",
  "error_msg" : "Parameter error."
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

Error Codes

See Error Codes.